Role: Senior IT Analyst (IT audits, application development).

Location: Manila-Hybrid.

Job Description:

In close coordination with IT Assurance Team, the Sr. IT Controls Analyst will perform the following:

Perform IT audit coordination activities:

• Assist in gathering and providing required evidence in a timely manner as part of various IT assurance reviews, including internal and external audits
• Review audit reports and provide recommendations on action items needed to address audit gaps in coordination with relevant teams
• Monitor status of actions plans across various ITD teams, ensuring that gaps are addressed timely and sufficient evidence is obtained to close the gap
• Create and maintain monthly dashboards to provide risk and audit data

Support IT control assessments:

• Oversee planning, execution and reporting of IT controls testing initiatives
• Assist in planning, implementation, coordination of ISO 27001, SWIFT CSP and related information security activities
• Monitor quality and timeliness of deliverables submitted by service provider. Review the working papers prepared by service provider to ensure accuracy, appropriateness and completeness of procedures performed and evidence obtained
• Recommend improvements to enhance maturity of IT control environment and mitigate recurrence of control gaps

Support IT Policy Development and Maintenance:

• Maintain central repository for ITD policies, processes, and standards
• Facilitate periodic review of ITD policies, processes, and standards for required updates
• Develop and/or update comprehensive ITD policies, processes and standards that align with industry good practices and frameworks, and in coordination with relevant stakeholders
• Provide recommendations for streamlining existing documentation or creation of new policies/processes based on changes to the IT environment

Manage and maintain ITD’s GRC Tool:

• Assist in identifying user requirements and functionalities to enhance GRC tool
• Participate in testing and deployment of new functionalities or upgrades
• Configure and/or update GRC dashboards for management reporting
• Address GRC tool issues identified or reported by users

Requirement and Qualification (Education & Work Experience)

Education and Work Experience

• Bachelor’s degree, preferably in Business Administration/Management, Accounting, Computer Science, Information Technology or Engineering
• Minimum of 5 years relevant work experience in IT audits, application development controls review and IT policy development
• Experience working in audit firm either locally or abroad
• Good understanding of IT audit principles, standards and procedures
• Broad range of knowledge of information technology as applied in an enterprise environment

Technical Knowledge

• Knowledgeable on frameworks such as Sarbanes-Oxley, COSO, COBIT, NIST, PMBOK, ISO 27001, SWIFT CSCF
• Experience in GRC tool implementation and/or administration

Soft Skills

• Must be able to relate and comfortable in dealing with senior executives from a variety of culture
• Excellent written and oral English communication skills
• Strong analytical skills
• Willing to work in a team, with long hours while under pressure
• Attentive to details and methodical with work

Certification (if applicable)

• CISA, CISM, CISSP, ISO 27001 certification preferred

Please refer to job description.